WIRED Threat Level

MAY 14, 2019

All it took to compromise a smartphone was a single phone call over WhatsApp. The user didn't even have to pick up the phone.

IT 89

IT Security 89

Data Breach Today

MAY 16, 2019

$63 Million in Fines Imposed Since Privacy Law Went Into Full Effect European privacy authorities have received nearly 65,000 data breach notifications since the EU's General Data Protection Regulation went into full effect in May 2018. Privacy regulators have also imposed at least $63 million in GDPR fines.

Data breaches 255

Data breaches GDPR Privacy 255

Information Management Resources

MAY 17, 2019

Such frameworks ensure that AI continues to lead to the best decisions, without unintended consequences or misuse of data and analytics.

Artificial Intelligence 53

Artificial Intelligence Analytics 53

Krebs on Security

MAY 14, 2019

Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003 , citing the discovery of a “wormable” flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017. The May 2017 global malware epidemic WannaCry affected some 200,000 Windows systems in 150 countries.

Ransomware 263

Ransomware Authentication Security IT 263

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Krebs on Security

MAY 15, 2019

In the early days of the Internet, there was a period when Internet Protocol version 4 (IPv4) addresses (e.g. 4.4.4.4) were given out like cotton candy to anyone who asked. But these days companies are queuing up to obtain new IP space from the various regional registries that periodically dole out the prized digits. With the value of a single IP hovering between $15-$25, those registries are now fighting a wave of shady brokers who specialize in securing new IP address blocks under false preten

Marketing 188

Marketing IT Security 188

The Last Watchdog

MAY 14, 2019

One of the catch phrases I overheard at RSA 2019 that jumped out at me was this: “The internet is the new corporate network.” Related: ‘Machine identities’ now readily available in the Dark Net Think about how far we’ve come since 1999, when the Y2K scare alarmed many, until today, with hybrid cloud networks the norm. There’s no question the benefits of accelerating digital transformation are astounding.

Authentication 178

Authentication Digital transformation Cloud Risk 178

AIIM

MAY 17, 2019

Sometimes a little too much of a good thing can be a bad thing. An overabundance of motivation can lead to stress, fatigue, and burnout. According to the Harvard Business Review, the majority of managers now spend over 85% of their work time checking emails, checking up on meetings, connecting with people over the phone, and checking their phones for important, work-related updates.

Communications 159

Communications Risk IT 159

Krebs on Security

MAY 16, 2019

Law enforcement agencies in the United States and Europe today unsealed charges against 11 alleged members of the GozNym malware network, an international cybercriminal syndicate suspected of stealing $100 million from more than 41,000 victims with the help of a stealthy banking trojan by the same name. The locations of alleged GozNym cybercrime group members.

Computer and Electronics 195

Computer and Electronics Phishing Cloud Access 195

Data Breach Today

MAY 14, 2019

Immediate App Updating Required to Protect Apple and Android Device Users Facebook is warning users of its WhatsApp messaging app to update immediately to fix a flaw that is being used to remotely install Pegasus surveillance software from Israel's NSO Group. WhatsApp says a "select number" of targets were hit by the attacks, which it has blamed on "an advanced cyber actor.

IT 257

IT 257

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Thales Cloud Protection & Licensing

MAY 16, 2019

We are seeing more organizations use a ‘lift and shift’ policy, where data is moved to the cloud to satisfy project requirements. But safe migration to the cloud requires that the process be secure, compliant and easy to implement. The 1,200 data security professionals worldwide who were surveyed for the 2019 Thales Data Threat Report-Global Edition tell us that protecting sensitive data in the cloud is becoming increasingly complex.

Cloud 105

Cloud Compliance Security Digital transformation 105

AIIM

MAY 15, 2019

I am very pleased to announce that the Certified Information Professional (CIP) exam has been approved for reimbursement under the Veterans Education Benefit program for Licensing and Certification reimbursements administered by the U.S. Department of Veterans Affairs - aka the GI Bill. This is something that is intensely personal to me. When I got out of the Marine Corps, I wasn't sure what I wanted to do, but I knew that I had the GI Bill to help fund my education and professional development.

Education 129

Education Military IT Security 129

Schneier on Security

MAY 17, 2019

In March, Adi Shamir -- that's the "S" in RSA -- was denied a US visa to attend the RSA Conference. He's Israeli. This month, British citizen Ross Anderson couldn't attend an awards ceremony in DC because of visa issues. (You can listen to his recorded acceptance speech.) I've heard of at least one other prominent cryptographer who is in the same boat.

108

108

Data Breach Today

MAY 13, 2019

Massive 2017 Breach Continues to Bite the Credit Reporting Giant's Bottom Line Equifax has reported a loss in its latest quarter due to ongoing incident response, legal, investigative and corporate information security overhaul costs resulting from its 2017 data breach. The credit reporting giant says that so far, it's spent $1.4 billion as a result of the massive breach.

Data breaches 258

Data breaches Information Security Security IT 258

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Security Affairs

MAY 11, 2019

Researchers at Cisco Talos discovered an use-after-free() vulnerability in SQLite that could be exploited by an attacker to remotely execute code on an affected device. Cisco Talos experts discovered an use-after-free() flaw in SQLite that could be exploited by an attacker to remotely execute code on an affected device. An attacker can trigger the flaw by sending a malicious SQL command to the vulnerable installs. “An exploitable use after free vulnerability exists in the window function

Libraries 111

Libraries Security IT 111

AIIM

MAY 13, 2019

As a project manager that specializes in digital software products, I will let you in on a secret about a new role, a new type of person that is emerging in the ranks—and it’s all good news for your project. This particular role actually inspired this series of articles about new roles that were emerging in the project life cycle due to digital disruption.

IoT 87

IoT IT Risk Security 87

Schneier on Security

MAY 13, 2019

Human Rights Watch has reverse engineered an app used by the Chinese police to conduct mass surveillance on Turkic Muslims in Xinjiang. The details are fascinating, and chilling. Boing Boing post.

Privacy 104

Privacy 104

Data Breach Today

MAY 17, 2019

Poorly Written Ransomware Still Infects Unpatched Systems Two years after WannaCry tore a path of destruction through the world, the ransomware remains a danger, with many systems still vulnerable to the EternalBlue or EternalRomance exploits that started it all.

Ransomware 258

Ransomware IT 258

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Security Affairs

MAY 14, 2019

Facebook fixed a critical zero-day flaw in WhatsApp that has been exploited to remotely install spyware on phones by calling the targeted device. Facebook has recently patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device. WhatsApp did not name the threat actor exploiting the CVE-2019-3568, it described the attackers as an “advanced cyber actor” that targeted “a select number

Government 111

Government Security IT Information Security 111

Thales Cloud Protection & Licensing

MAY 14, 2019

Digital transformation is driving IT modernization, IoT, and cloud migrations at a record pace in the federal government. The ability to narrow the gap between taking advantage of digital transformation without compromising security was a reoccurring theme at our 2019 annual Data Security Summit on May 1. The roundtable, including more than a dozen IT and cyber leaders from government and industry, explored the business drivers, challenges and evolving strategies around cybersecurity in governme

Digital transformation 97

Digital transformation Security IoT Cloud 97

Schneier on Security

MAY 16, 2019

Last month, Kaspersky discovered that Asus's live update system was infected with malware , an operation it called Operation Shadowhammer. Now we learn that six other companies were targeted in the same operation. As we mentioned before, ASUS was not the only company used by the attackers. Studying this case, our experts found other samples that used similar algorithms.

Healthcare 99

Healthcare Access Security IT 99

Data Breach Today

MAY 16, 2019

6 Suspects Arrested on Money Laundering, Malware-Writing or Fraud Charges Law enforcement agencies in the U.S. and Europe have disrupted a malware attack platform called GozNym. Six suspects have been arrested in four countries and face local prosecution on fraud, money laundering or malware-writing charges. Five Russian suspects remain at large.

220

220

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Security Affairs

MAY 12, 2019

The paradox, the USB stick eyeDisk that uses iris recognition to unlock the drive could reveal the device’s password in plain text in a simple way. eyeDisk is a USB stick that uses iris recognition to unlock the drive, it is advertised as the “Unhackable USB Flash Drive,” instead it could reveal the device’s password in plain text. Just analyzing the eyeDisk USB stick with the Wireshark packet analyzer.

Passwords 111

Passwords Authentication Encryption IT 111

WIRED Threat Level

MAY 13, 2019

Researchers have discovered a way to break one of Cisco's most critical security features, which puts countless networks at potential risk.

Risk 111

Risk Security 111

Dark Reading

MAY 14, 2019

Just as spreadsheets and personal computers created a job boom in the '70s, so too will artificial intelligence spur security analysts' ability to defend against advanced threats.

Artificial Intelligence 95

Artificial Intelligence IT Security 95

Data Breach Today

MAY 13, 2019

Business Email Compromise Schemes Get More Sophisticated A growing area of concern for security researchers is a new crop of business email compromise schemes originating from Nigeria, with scammers upping their game by using new malware. The biggest of the crime gangs is SilverTerrier, according to Palo Alto Network's Unit 42.

Security 203

Security 203

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

Security Affairs

MAY 13, 2019

Security experts have found a race condition vulnerability (CVE-2019-11815) in Linux Kernel Prior to 5.0.8 that expose systems to remote code execution. Linux systems based on kernel versions prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free that could be exploited by hackers to get remote code execution. Attackers can trigger the race condition issue that resides in the rds_tcp_kill_sock TCP/IP implementation in net/rds/tcp.c to cause a denial-of-service

Cleanup 108

Cleanup Access Security IT 108

OpenText Information Management

MAY 14, 2019

One of the fastest growing technology areas in the automotive industry relates to autonomous and connected vehicle technologies. The word autonomous has been associated with the automotive industry for a few years however it is now starting to find its way into the supply chain as well. The supply chain has been impacted by numerous … The post How IoT, AI and blockchain will enable tomorrow’s autonomous supply chain appeared first on OpenText Blogs.

Blockchain 93

Blockchain IoT IT 93

Dark Reading

MAY 14, 2019

Tweet suggests possible screenshot of stolen city documents and credentials in the wake of attack that took down city servers last week.

Ransomware 110

Ransomware 110